[vlc-commits] network: fix possible buffer overflow

[Romain Vimont]

vlc | branch: master | Romain Vimont <rom1v at videolabs.io> | Mon Jun 29 14:28:45 2020 +0200| [746bdbb122c05c114b5a0bcb58e8e573964fbdad] | committer: Hugo Beauzée-Luyssen

network: fix possible buffer overflow

The function vlc_tls_GetLine() forgot to truncate the string if a line
sent by the server did not end with `\r\n`. As a consequence, it returned a
non-NUL-terminated string.

Signed-off-by: Hugo Beauzée-Luyssen <hugo at beauzee.fr>

> http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=746bdbb122c05c114b5a0bcb58e8e573964fbdad
---

 src/network/stream.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/network/stream.c b/src/network/stream.c
index 9d241e4f54..0990c6190f 100644
--- a/src/network/stream.c
+++ b/src/network/stream.c
@@ -154,6 +154,8 @@ char *vlc_tls_GetLine(vlc_tls_t *session)
 
     if (linelen >= 2 && line[linelen - 2] == '\r')
         line[linelen - 2] = '\0';
+    else
+        line[linelen - 1] = '\0';
     return line;
 
 error: